Back to bug 2184017
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Red Hat Bugzilla | 2023-07-07 08:32:35 UTC | Assignee | security-response-team | nobody |
| TEJ RATHI | 2023-07-18 13:15:55 UTC | Blocks | 2223660 | |
| Pedro Sampaio | 2023-07-19 18:36:01 UTC | Depends On | 2224089, 2224088 | |
| Pedro Sampaio | 2023-07-19 19:34:43 UTC | Priority | low | medium |
| Severity | low | medium | ||
| Pedro Sampaio | 2023-07-19 19:37:12 UTC | Doc Text | python-configobj is vulnerable to Regular Expression Denial of Service (ReDoS) via the Validator function at python-configobj/validate.py. This is only exploitable in the case of a developer putting the offending value in a server side configuration file. | |
| Pedro Sampaio | 2023-07-19 19:37:38 UTC | Depends On | 2224111, 2224110 | |
| Paige Jung | 2023-07-19 20:32:16 UTC | Doc Text | python-configobj is vulnerable to Regular Expression Denial of Service (ReDoS) via the Validator function at python-configobj/validate.py. This is only exploitable in the case of a developer putting the offending value in a server side configuration file. | A flaw was found in python-configobj via the Validator function at python-configobj/validate.py. This issue only occurs in the case of a developer putting the offending value in a server side configuration file, which could lead to a Regular Expression Denial of Service (ReDoS). |
Back to bug 2184017